Search in sources :

Example 66 with Collection

use of org.xmldb.api.base.Collection in project exist by eXist-db.

the class XMLDBSecurityTest method groupMemberChownGidResource.

/**
 * Group Member can NOT change the owner gid of a resource
 * to a group of which they are a member
 *
 * As the user 'test2' (who is in the group users)
 * attempt to change ownership gid of /db/securityTest1/test.xml (which has uid 'test1' and gid 'users')
 * to the group 'test2-only' (of which they are a member)
 */
@Test(expected = XMLDBException.class)
public void groupMemberChownGidResource() throws XMLDBException {
    final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test2", "test2");
    final Resource resource = test.getResource("test.xml");
    final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
    // attempt to have user 'test2' take gid ownership of /db/securityTest1/test.xml (which is owned by test1:users)
    ums.chgrp(resource, "test2-only");
}
Also used : BinaryResource(org.xmldb.api.modules.BinaryResource) XMLResource(org.xmldb.api.modules.XMLResource) Resource(org.xmldb.api.base.Resource) Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) Test(org.junit.Test)

Example 67 with Collection

use of org.xmldb.api.base.Collection in project exist by eXist-db.

the class XMLDBSecurityTest method cannotCreateXmlResourceWithoutWritePermissionOnParentCollection.

@Test(expected = XMLDBException.class)
public void cannotCreateXmlResourceWithoutWritePermissionOnParentCollection() throws XMLDBException {
    Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
    final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
    ums.chmod("--x------");
    test.close();
    test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
    final Resource resource = test.createResource("other.xml", XMLResource.RESOURCE_TYPE);
    resource.setContent("<other/>");
    test.storeResource(resource);
}
Also used : BinaryResource(org.xmldb.api.modules.BinaryResource) XMLResource(org.xmldb.api.modules.XMLResource) Resource(org.xmldb.api.base.Resource) Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) Test(org.junit.Test)

Example 68 with Collection

use of org.xmldb.api.base.Collection in project exist by eXist-db.

the class XMLDBSecurityTest method groupNonMemberChownGidCollection.

/**
 * Group Member can NOT change owner gid of a collection
 * to a group of which we are NOT a member
 *
 * As the user 'test2' (who is in the group users)
 * attempt to change ownership gid of /db/securityTest1
 * to the group 'guest' (of which they are NOT a member)
 */
@Test(expected = XMLDBException.class)
public void groupNonMemberChownGidCollection() throws XMLDBException {
    final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test2", "test2");
    final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
    // attempt to take gid ownership of /db/securityTest1
    ums.chgrp("guest");
}
Also used : Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) Test(org.junit.Test)

Example 69 with Collection

use of org.xmldb.api.base.Collection in project exist by eXist-db.

the class XMLDBSecurityTest method canOpenRootCollectionWithExecute.

@Test
public void canOpenRootCollectionWithExecute() throws XMLDBException {
    final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db", "admin", "");
    final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
    ums.chmod("--x--x--x");
    test.close();
    DatabaseManager.getCollection(getBaseUri() + "/db", "test1", "test1");
}
Also used : Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) Test(org.junit.Test)

Example 70 with Collection

use of org.xmldb.api.base.Collection in project exist by eXist-db.

the class XMLDBSecurityTest method canReadXmlResourceWithOnlyReadPermission.

@Test
public void canReadXmlResourceWithOnlyReadPermission() throws XMLDBException {
    Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
    final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
    Resource resource = test.getResource("test.xml");
    ums.chmod(resource, "r--------");
    test.close();
    test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
    resource = test.getResource("test.xml");
    assertEquals("<test/>", resource.getContent());
}
Also used : BinaryResource(org.xmldb.api.modules.BinaryResource) XMLResource(org.xmldb.api.modules.XMLResource) Resource(org.xmldb.api.base.Resource) Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) Test(org.junit.Test)

Aggregations

Collection (org.xmldb.api.base.Collection)345 XMLResource (org.xmldb.api.modules.XMLResource)140 Test (org.junit.Test)115 Resource (org.xmldb.api.base.Resource)111 UserManagementService (org.exist.xmldb.UserManagementService)91 CollectionManagementService (org.xmldb.api.modules.CollectionManagementService)85 BinaryResource (org.xmldb.api.modules.BinaryResource)80 XMLDBException (org.xmldb.api.base.XMLDBException)68 ResourceSet (org.xmldb.api.base.ResourceSet)55 EXistCollectionManagementService (org.exist.xmldb.EXistCollectionManagementService)48 XPathQueryService (org.xmldb.api.modules.XPathQueryService)31 EXistResource (org.exist.xmldb.EXistResource)25 EXistXPathQueryService (org.exist.xmldb.EXistXPathQueryService)20 Before (org.junit.Before)20 URISyntaxException (java.net.URISyntaxException)18 Path (java.nio.file.Path)18 InputStream (java.io.InputStream)17 BuildException (org.apache.tools.ant.BuildException)14 XmldbURI (org.exist.xmldb.XmldbURI)13 Account (org.exist.security.Account)10